arne/openwrt
1
0
Fork 0
forked from mirror/openwrt
Code Pull requests Activity
openwrt/package
History
Hauke Mehrtens b463a13881 hostapd: fix multiple security problems 
This fixes the following security problems:
* CVE-2019-9494:  cache attack against SAE
* CVE-2019-9495:  cache attack against EAP-pwd
* CVE-2019-9496:  SAE confirm missing state validation in hostapd/AP
* CVE-2019-9497:  EAP-pwd server not checking for reflection attack)
* CVE-2019-9498:  EAP-pwd server missing commit validation for scalar/element
* CVE-2019-9499:  EAP-pwd peer missing commit validation for scalar/element
* CVE-2019-11555: EAP-pwd message reassembly issue with unexpected fragment

Most of these problems are not relevant for normal users, SAE is only
used in ieee80211s mesh mode and EAP-pwd is normally not activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-06-21 10:29:23 +02:00
..
base-files base-files: fix uci led oneshot/timer trigger 2019-06-20 17:41:42 +02:00
boot uboot-fritz4040: update PKG_MIRROR_HASH 2019-06-15 19:05:30 +02:00
devel strace: Update to 4.22 2018-12-18 17:22:08 +01:00
firmware ath10k: update QCA4019 firmware 2018-12-27 16:38:13 +01:00
kernel mac80211: brcmfmac: backport important fixes from kernel 5.2 2019-06-16 21:51:50 +02:00
libs openssl: update to 1.0.2s 2019-06-01 15:50:20 +02:00
network hostapd: fix multiple security problems 2019-06-21 10:29:23 +02:00
system rpcd: fix init script reload action 2019-06-06 11:29:15 +02:00
utils busybox: add missing install dir 2019-03-11 17:07:29 +01:00
Makefile imagebuilder: reuse rootfs preparation from rootfs.mk 2018-03-07 09:59:08 +01:00